Incorrect handling of '\0' bytes in file uploads in ModSecurity prior to 2.9.7 may allow for Web Application Firewall bypasses and buffer over-reads on the Web Application Firewall when executing rules that read the FILES_TMP_CONTENT collection.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
trustwave modsecurity |
||
debian debian linux 10.0 |